From fc1618d0864c4d12868fe39927768f6a595e1152 Mon Sep 17 00:00:00 2001
From: Simon Ser
Date: Sun, 14 Apr 2019 19:07:03 +0300
Subject: [PATCH] protonmail: improve errors
---
 protonmail/auth.go | 4 ++--
 protonmail/keys.go | 5 +++--
 protonmail/srp.go | 18 ++++++++++++------
 3 files changed, 17 insertions(+), 10 deletions(-)
diff --git a/protonmail/auth.go b/protonmail/auth.go
index 643e1d2..e971844 100644
--- a/protonmail/auth.go
+++ b/protonmail/auth.go
@@ -280,7 +280,7 @@ func (c *Client) Unlock(auth *Auth, passphrase string) (openpgp.EntityList, erro
 for _, key := range addr.Keys {
 entity, err := key.Entity()
 if err != nil {
- return nil, err
+ return nil, fmt.Errorf("failed to read key %q: %v", addr.Email, err)
 }
 found := false
@@ -295,7 +295,7 @@ func (c *Client) Unlock(auth *Auth, passphrase string) (openpgp.EntityList, erro
 }
 if err := unlockKey(entity, passphraseBytes); err != nil {
- log.Printf("warning: failed to unlock key %v: %v", entity.PrimaryKey.KeyIdString(), err)
+ log.Printf("warning: failed to unlock key %q %v: %v", addr.Email, entity.PrimaryKey.KeyIdString(), err)
 continue
 }
diff --git a/protonmail/keys.go b/protonmail/keys.go
index 3e72257..5a2b8f9 100644
--- a/protonmail/keys.go
+++ b/protonmail/keys.go
@@ -2,6 +2,7 @@ package protonmail
 import (
 "errors"
+ "fmt"
 "net/http"
 "net/url"
 "strings"
@@ -29,7 +30,7 @@ type PrivateKey struct {
 func (priv *PrivateKey) Entity() (*openpgp.Entity, error) {
 keyRing, err := openpgp.ReadArmoredKeyRing(strings.NewReader(priv.PrivateKey))
 if err != nil {
- return nil, err
+ return nil, fmt.Errorf("failed to read private key: %v", err)
 }
 if len(keyRing) == 0 {
 return nil, errors.New("private key is empty")
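Review bot: In both Unlock hunks of protonmail/auth.go the value formatted in the "key" position is `addr.Email`, so `failed to read key %q` names an address rather than a key, and `failed to unlock key %q %v` prints two unlabelled values side by side. Wording such as `fmt.Errorf("failed to read key for address %q: %v", addr.Email, err)` and `log.Printf("warning: failed to unlock key %v for address %q: %v", entity.PrimaryKey.KeyIdString(), addr.Email, err)` would be unambiguous. The second call also starts writing the account's e-mail address to the process log, which deserves a deliberate decision if those logs are shipped or shared. Unlock's body starts and ends outside these hunks.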
@@ -58,7 +59,7 @@ type PublicKey struct {
 func (pub *PublicKey) Entity() (*openpgp.Entity, error) {
 keyRing, err := openpgp.ReadArmoredKeyRing(strings.NewReader(pub.PublicKey))
 if err != nil {
- return nil, err
+ return nil, fmt.Errorf("failed to read public key: %v", err)
 }
 if len(keyRing) == 0 {
 return nil, errors.New("public key is empty")
diff --git a/protonmail/srp.go b/protonmail/srp.go
index d45dfdf..83bd1df 100644
--- a/protonmail/srp.go
+++ b/protonmail/srp.go
@@ -6,6 +6,7 @@ import (
 "crypto/subtle"
 "encoding/base64"
 "errors"
+ "fmt"
 "io"
 "log"
 "math/big"
@@ -20,7 +21,7 @@ var randReader io.Reader = rand.Reader
 func decodeModulus(msg string) ([]byte, error) {
 block, _ := clearsign.Decode([]byte(msg))
 if block == nil {
- return nil, errors.New("invalid modulus signed PGP block")
+ return nil, errors.New("invalid SRP modulus signed PGP block")
 }
 // TODO: check signature and signature key
@@ -30,7 +31,12 @@ func decodeModulus(msg string) ([]byte, error) {
 log.Println("warning: failed to check SRP modulus signature:", err)
 }
- return base64.StdEncoding.DecodeString(string(block.Plaintext))
+ b, err := base64.StdEncoding.DecodeString(string(block.Plaintext))
+ if err != nil {
+ return nil, fmt.Errorf("malformed SRP modulus: %v", err)
+ }
+
+ return b, nil
 }
 func reverse(b []byte) {
@@ -140,11 +146,11 @@ func generateProofs(l int, hash func([]byte) []byte, modulusBytes, hashedBytes,
 func (p *proofs) VerifyServerProof(serverProofString string) error {
 serverProof, err := base64.StdEncoding.DecodeString(serverProofString)
 if err != nil {
- return err
+ return fmt.Errorf("malformed SRP server proof: %v", err)
 }
 if subtle.ConstantTimeCompare(p.expectedServerProof, serverProof) != 1 {
- return errors.New("invalid SRP server proof")
+ return errors.New("invalid SRP server proof")
 }
 return nil
 }
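Review bot: decodeModulus still returns the decoded modulus when the signature check fails: in the hunk at -30,7 the failure is only reported through `log.Println("warning: failed to check SRP modulus signature:", err)`, and the `// TODO: check signature and signature key` in the hunk at -20,7 is left open. The modulus is a server-supplied SRP group parameter, so without an enforced signature the client has no assurance that the proofs are computed over the intended group; the new `malformed SRP modulus` error covers only the base64 layer. Once the signing key is pinned, the warning should become `return nil, fmt.Errorf("failed to check SRP modulus signature: %v", err)`. The condition guarding the warning lies between the two hunks and is not visible here.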
@@ -158,12 +164,12 @@ func srp(password []byte, info *AuthInfo) (*proofs, error) {
 serverEphemeral, err := base64.StdEncoding.DecodeString(info.serverEphemeral)
 if err != nil {
- return nil, err
+ return nil, fmt.Errorf("malformed SRP server ephemeral: %v", err)
 }
 salt, err := base64.StdEncoding.DecodeString(info.salt)
 if err != nil {
- return nil, err
+ return nil, fmt.Errorf("malformed SRP salt: %v", err)
 }
 hashed, err := hashPassword(info.version, password, salt, modulus)